How To use TOTP with your PayPal account

There is already a fantastic guide on Medium which shows you how you use Paypal together with Time-based One-time (short: TOTP), sadly it's outdated so I decided to write an updated and tested guide on my own. What is TOTP and why you should use it?! A time-based one-time password (TOTP) is a temporary passcode, generated... Continue Reading →

AMD’s virtual machine encryption bypassed – NOPE!

AMD's Epyc server chips utilize Secure Encrypted Virtualization (SEV) to automatically encrypt virtual machines on the fly while stored in memory, but researchers now say that they can get around it with a technique dubbed SEVer: "miscreants at the host level can alter a guest's physical memory mappings, using standard page tables, so that the SEV mechanism... Continue Reading →

DiscordCrypt: Unofficial End-to-End Encryption for Discord has arrived

Riot (Matrix) is my favorite chat program but it suffers from one major issue, it's slow and the user Interface is - I wouldn't say horrible - but has 'room for improvements'. So, overall most users using Discord instead wish is still not a bad client it has HTTPS but the server owner might see... Continue Reading →

How To secure your OpenVPN configuration

There many traps when it comes to the OpenVPN configuration which your VPN provider has to offer, in this short tutorial I will show you what you need to know and which points are really important to look at. How to edit an OpenVPN configuration file? If the VPN provider offers a .openvpn configuration file then... Continue Reading →

Chromium removed the ability to compile the Browser without WebRTC

There bad news and there's good news for security fans, first things first - the Chromium source code disabled the ability to compile the Browser without WebRTC. For those who have no clue why WebRTC is a thing, well back in 2015 there was a huge security breach based on the Web Real-Time Communication project which... Continue Reading →

Sometimes you can’t take EFF serious

Well, I'm already fighting for years against FUD, especially when it comes to privacy tools and recommendation I often fight against individuals or people who still to believe in application security. However, this time Electronic Frontier Foundation (EFF) failed - so what happened? We had the recent leak called Efail which is a weakness in PGP and... Continue Reading →

How Advertising Malware smuggles Malware into the Google Play Store

"Always download apps from the official app store." - that's what people arguing in order to stay away from malware but is this true? Several malware was already found during the past years within the official Store, Google reacted and hardened their systems, as a result, your device gets regularly scanned in order to find malware... Continue Reading →

Anonymity in the Cryptocurrency Monero – YES, Monero is still secure!

Researchers have exploited a flaw in the cryptocurrency Monero to break the anonymity of transactions, however, this is just a re-release and seems to be already over 1 year old now. Several pages 'forgot' to mention that this is already resolved and the new introduced and updated research paper overall says nothing that is not already well... Continue Reading →

Encryption Tools & Algorithm the NSA & Co. still can’t crack

Lot's of people often gave agencies too many credits because of Snowden and other whistleblower leaks but GCHQ & Co. don't have unlimited power over every program, connections or algorithm. In my little guide here I show what NSA still can't crack based on researches and leaks. All might NSA, GCHQ & Co. Most of... Continue Reading →

Blog at

Up ↑

%d bloggers like this: